Back to skill

Security audit

Lunar Calendar - 中国老黄历

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed TianAPI lunar-calendar lookup skill; the main risk is ordinary API-key handling, not hidden or malicious behavior.

Install only if you are comfortable sending lookup dates and your TianAPI key to TianAPI. Prefer the environment variable over command-line or copied URL examples, avoid committing scripts/.env, and rotate the key if it is exposed in shell history, logs, or shared screenshots.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
82% confidence
Finding
The skill documentation shows use of environment variables, local file storage, and outbound network access, but these capabilities are not explicitly declared as permissions. This creates a transparency and trust problem: operators may approve a seemingly harmless calendar skill without realizing it reads secrets and communicates with a third-party service.

Tp4

High
Category
MCP Tool Poisoning
Confidence
91% confidence
Finding
The documented behavior goes beyond a simple calendar lookup by instructing the agent to read credentials from the environment or local files and send them to an external service. When these behaviors are omitted or underemphasized in the declared purpose, users and reviewers may underestimate data exposure and grant execution in inappropriate contexts.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
Passing an API key as a command-line argument can expose it through shell history, process listings, audit logs, and telemetry. This is especially risky on shared systems or hosted runners where other users or administrators may inspect running commands.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
Placing the API key in the URL query string can leak it via browser history, proxy logs, server logs, referrer headers, and observability systems. Even if the API itself expects a query parameter, documenting this without a warning encourages insecure handling of credentials.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.